Credit unions urged to adopt ‘heightened sense’ of cybersecurity in wake of Russia Ukraine invasion

Big or small, financial institutions around the U.S. should be on guard for cyberattacks following Russian’s invasion of Ukraine, and allied responses to it, the federal credit regulator said Thursday.

Passing along two alerts from the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) outlining risks from Russian state-sponsored cyber threats, and “highlighting recent malicious cyber incidents suffered by public and private entities in Ukraine,” the National Credit Union Administration (NCUA) said it joined federal law and cybersecurity agencies in encouraging credit unions of all sizes “to adopt a heightened state of awareness and to conduct proactive threat hunting.”

The agency also observed that COVID-related supply chain disruptions may require management to reevaluate previously held assumptions for business continuity and disaster recovery plans.

“Credit union leadership should be aware of critical cyber risks and take urgent steps to reduce the likelihood and impact of a potentially damaging compromise,” the “cybersecurity alert” from NCUA stated. “All credit unions, regardless of size, are potentially vulnerable to cyberattacks.”

The agency urged credit unions to review the CISA-issued alerts and to “act on the applicable recommendations.” The NCUA called it crucial that credit unions do their part to improve their resilience, reducing the risk of compromise or severe business degradation.

NCUA cybersecurity alert: Current Geopolitical Events Increase Likelihood of Imminent Cyberattacks on Financial Institutions

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats